Primary

Context

Microsoft Exchange Server Spoofing Vulnerability

Vulnerability

Patched

A spoofing vulnerability has been identified in Microsoft Exchange Server due to improper input validation. This issue allows an unauthorized attacker to perform spoofing attacks over the network. The vulnerability affects multiple versions of Microsoft Exchange Server, including Exchange Server 2019 Cumulative Update 14 and 15, Exchange Server 2016 Cumulative Update 23, and Exchange Server Subscription Edition RTM.

Impact

Exploitation of this vulnerability could lead to unauthorized spoofing over the network.

Remediation

Users can download the security update for Microsoft Exchange Server 2019 Cumulative Update 14, 2019 Cumulative Update 15, Exchange Server 2016 Cumulative Update 23, and Exchange Server Subscription Edition RTM from the Microsoft Update Catalog.

Added: Oct 14, 2025, 6:14 PM

Updated: Oct 14, 2025, 8:40 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.6

exploitability

7.6

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.6

exploitability

7.6

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Exchange Server Spoofing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Exchange Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating